It looks like that file cdaaccesstext.css and possibly others on the site have been hacked. This appears to be a good detection.

Also see http://www.virustotal.com/file-scan/report.html?id=0df802d2c0ddac762645b510324d77261335a89ec463cecb617c99d63ebe71bb-1299795702

Note the iframe inserted into the bottom of the file after the closing HTML tag, a standards no, no and highly suspect. The domain named in the iframe is considered an attack site.

See images, click to expand.